AMD confirms some Zen 5 CPUs have a worrying security flaw that could put users at risk

In a security bulletin, AMD detailed a flaw labeled as “AMD-SB-7055”, describing it as a vulnerability in the RDSEED hardware-based random number generator.

On affected chips, the 16-bit and 32-bit forms of the RDSEED instruction may return “0” at a rate that’s not entirely random while, at the same time, labeling the process as a success. In theory, if a company runs a server that generates cryptographic keys for encrypting customer data, and the software running on that server uses RDSEED instructions to get random numbers directly from the chip, the instruction might return all zeroes.

Patches and mitigations

Even though it obviously isn’t all random, it would still signal that it succeeded, raising absolutely no red flags.

As a result, attackers who obtain one of the public keys can mathematically reconstruct or guess the private key, breaking encryption or impersonating the company, meaning encrypted customer records, API tokens, or even software-update signatures could be forged or decrypted.

Mitigations and patches are already in the works. By January 2026, depending on the CPU, most should have been mitigated.

Fixes for AMD's consumer-based Zen 5 chips, including the Ryzen 9000 series, AI Max 300 series, Threadripper 9000 series, and Ryzen Z2 series, are coming out on November 25.

AMD added it should have the necessary AGESA microcode updates out “soon” to rectify this issue across all Zen 5 CPUs.

If you’re running chips that don’t have a working mitigation just yet, AMD recommends you switch back to its unaffected 64-bit form of RDSEED, or move to a software failback until it is released.

Via Tom's Hardware

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.